Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 14-12-2020 Uruchomiony przez Austryjak (administrator) DESKTOP-ALPK065 (ASUSTeK COMPUTER INC. X540LA) (29-12-2020 15:15:53) Uruchomiony z C:\Users\Austryjak\Downloads Załadowane profile: Austryjak Platform: Windows 10 Home Wersja 20H2 19042.572 (X64) Język: Polski (Polska) Domyślna przeglądarka: Edge Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe (ASUSTek Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (ASUSTek Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (ASUSTek Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (HUAWEI Technologies Co., Ltd. -> ) C:\ProgramData\DatacardService\HWDeviceService64.exe (HUAWEI Technologies Co., Ltd. -> ) C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe (Intel Corporation -> ) C:\Windows\System32\igfxTray.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <18> (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeApp.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKU\S-1-5-21-1681143624-1678891744-3230166777-1001\...\MountPoints2: {b8ac867b-3d4d-11eb-8154-00f48d100754} - "D:\AutoRun.exe" HKU\S-1-5-21-1681143624-1678891744-3230166777-1001\...\MountPoints2: {b8ac86e1-3d4d-11eb-8154-00f48d100754} - "D:\AutoRun.exe" ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {4826F8B5-5CA8-46C4-8F6D-187590636B2E} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1681143624-1678891744-3230166777-500 => C:\Users\Austryjak\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {51688A0F-20FB-46A4-B153-A95A60932FCE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-20] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {63FE0925-2FC3-4898-A7A8-96DA3E2C8B4B} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18352 2019-08-19] (ASUSTek Computer Inc. -> AsusTek) Task: {A21B8D85-A8F6-48AE-B965-799203DD233D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-20] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A3DCA9B8-EFC0-46F0-BD18-14C7BA2612CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-20] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E7F1A8E4-3511-4DD8-9CC1-03DB04A2AFB2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-20] (Microsoft Windows Publisher -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 212.2.127.253 212.2.96.51 Tcpip\..\Interfaces\{8a72c4d7-166c-493f-a380-ef6cfe6d1b9d}: [DhcpNameServer] 212.2.127.253 212.2.96.51 Tcpip\..\Interfaces\{e644a9d0-8666-40f5-8f4f-23c8e4034abc}: [DhcpNameServer] 212.2.127.254 212.2.96.52 Edge: ====== Edge DefaultProfile: Default Edge Profile: C:\Users\Austryjak\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-29] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] (HUAWEI Technologies Co., Ltd. -> ) S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655744 2012-09-22] (HUAWEI Technologies Co., Ltd. -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-20] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-20] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AsusSGDrv; C:\Windows\System32\drivers\AsusSGDrv.sys [140032 2019-08-19] (ASUSTek Computer Inc. -> ASUS Corporation) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 ew_hwusbdev; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [117248 2010-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 ew_usbenumfilter; C:\Windows\System32\drivers\ew_usbenumfilter.sys [13952 2010-03-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS) R3 huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [104960 2012-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 huawei_cdcecm; C:\Windows\System32\drivers\ew_jucdcecm.sys [76288 2012-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 huawei_enumerator; C:\Windows\System32\drivers\ew_jubusenum.sys [90112 2012-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 huawei_ext_ctrl; C:\Windows\System32\drivers\ew_juextctrl.sys [30720 2012-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2020-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [429296 2020-12-20] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-20] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Trzy miesiące (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-12-28 14:13 - 2020-12-29 15:16 - 000008597 _____ C:\Users\Austryjak\Downloads\FRST.txt 2020-12-28 14:04 - 2020-12-28 14:24 - 000026598 _____ C:\Users\Austryjak\Downloads\Shortcut.txt 2020-12-28 13:15 - 2020-12-28 13:52 - 000023038 _____ C:\Windows\ntbtlog.txt 2020-12-28 13:08 - 2020-12-29 15:15 - 000032542 _____ C:\Users\Austryjak\Downloads\Addition.txt 2020-12-28 13:06 - 2020-12-29 15:16 - 000000000 ____D C:\FRST 2020-12-28 13:06 - 2020-12-28 16:48 - 000021111 _____ C:\Users\Austryjak\Downloads\fixlist.txt 2020-12-28 13:05 - 2020-12-28 13:05 - 002286592 _____ (Farbar) C:\Users\Austryjak\Downloads\FRST64.exe 2020-12-28 10:58 - 2020-12-28 10:58 - 000000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2020-12-28 09:52 - 2020-12-28 09:52 - 000042989 _____ C:\Users\Austryjak\Downloads\Web Translator.html 2020-12-28 09:52 - 2020-12-28 09:52 - 000042989 _____ C:\Users\Austryjak\Desktop\Web Translator.html 2020-12-28 09:52 - 2020-12-28 09:52 - 000000000 ____D C:\Users\Austryjak\Downloads\Web Translator_files 2020-12-28 09:52 - 2020-12-28 09:52 - 000000000 ____D C:\Users\Austryjak\Desktop\Web Translator_files 2020-12-22 16:49 - 2020-12-22 16:49 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf 2020-12-22 16:48 - 2020-12-22 16:48 - 000001154 _____ C:\Users\Public\Desktop\Mobile Partner.lnk 2020-12-22 16:48 - 2020-12-22 16:48 - 000000000 ____D C:\ProgramData\Mobile Partner 2020-12-22 16:48 - 2020-12-22 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner 2020-12-22 16:48 - 2012-09-18 09:22 - 000239104 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys 2020-12-22 16:48 - 2012-09-14 02:28 - 000451072 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys 2020-12-22 16:48 - 2012-08-20 01:55 - 000104960 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys 2020-12-22 16:48 - 2012-08-20 01:55 - 000090112 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys 2020-12-22 16:48 - 2012-08-20 01:55 - 000076288 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys 2020-12-22 16:48 - 2012-08-20 01:55 - 000030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys 2020-12-22 16:48 - 2011-12-31 02:20 - 000225920 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys 2020-12-22 16:48 - 2010-10-08 09:59 - 000032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys 2020-12-22 16:48 - 2010-09-26 11:09 - 000022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys 2020-12-22 16:48 - 2010-08-06 00:43 - 001001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys 2020-12-22 16:48 - 2010-07-27 02:52 - 000117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys 2020-12-22 16:48 - 2010-03-20 05:06 - 000013952 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys 2020-12-22 16:47 - 2020-12-22 16:49 - 000000000 ____D C:\ProgramData\DatacardService 2020-12-22 16:47 - 2020-12-22 16:48 - 000000000 ____D C:\Program Files (x86)\Mobile Partner 2020-12-20 16:57 - 2020-12-20 16:57 - 000126272 _____ C:\Users\Austryjak\Downloads\Da się z pompy odpływowej od pralki zrobić pompę do wody_.html 2020-12-20 16:57 - 2020-12-20 16:57 - 000091467 _____ C:\Users\Austryjak\Downloads\Da się z pompy odpływowej od pralki zrobić pompę do wody_ - 2.html 2020-12-20 16:57 - 2020-12-20 16:57 - 000000000 ____D C:\Users\Austryjak\Downloads\Da się z pompy odpływowej od pralki zrobić pompę do wody__files 2020-12-20 16:57 - 2020-12-20 16:57 - 000000000 ____D C:\Users\Austryjak\Downloads\Da się z pompy odpływowej od pralki zrobić pompę do wody_ - 2_files 2020-12-19 16:07 - 2020-12-29 14:57 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture 2020-12-19 15:47 - 2020-12-19 15:47 - 000000000 ____D C:\Program Files (x86)\Intel 2020-12-19 15:47 - 2020-01-16 01:52 - 000104160 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL 2020-12-19 15:47 - 2020-01-16 01:52 - 000100064 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL 2020-12-19 15:46 - 2020-12-29 14:57 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2020-12-19 15:46 - 2020-12-29 14:57 - 000000000 __SHD C:\Users\Austryjak\IntelGraphicsProfiles 2020-12-19 15:46 - 2020-12-19 15:47 - 000000000 ____D C:\Program Files\Intel 2020-12-19 15:46 - 2020-12-19 15:46 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2020-12-19 15:46 - 2020-12-19 15:46 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin 2020-12-19 15:29 - 2020-12-19 15:29 - 000003632 _____ C:\Windows\system32\Tasks\ASUS Smart Gesture Launcher 2020-12-19 15:29 - 2020-12-19 15:29 - 000000000 ____D C:\ProgramData\SetupTPDriver 2020-12-19 15:29 - 2020-12-19 15:29 - 000000000 ____D C:\Program Files (x86)\ASUS 2020-12-19 15:24 - 2020-12-19 15:24 - 000001546 _____ C:\Users\Austryjak\Desktop\Spotify.lnk 2020-12-18 16:00 - 2020-12-19 15:29 - 000000000 ____D C:\Windows\system32\MRT 2020-12-18 15:44 - 2020-12-20 16:51 - 000000000 ___HD C:\$WinREAgent 2020-12-03 10:13 - 2020-12-28 08:48 - 000000000 ___RD C:\Users\Austryjak\OneDrive 2020-12-03 10:10 - 2020-12-03 10:10 - 000000000 ___RD C:\Users\Austryjak\3D Objects 2020-12-03 10:10 - 2020-12-03 10:10 - 000000000 ____D C:\Users\Austryjak\AppData\Roaming\Adobe 2020-12-03 10:08 - 2020-12-19 15:46 - 000000000 ____D C:\Users\Austryjak 2020-12-03 10:08 - 2020-12-03 10:08 - 000000020 ___SH C:\Users\Austryjak\ntuser.ini 2020-12-03 10:08 - 2020-12-03 10:08 - 000000000 _SHDL C:\Users\Austryjak\Ustawienia lokalne 2020-12-03 10:08 - 2020-12-03 10:08 - 000000000 _SHDL C:\Users\Austryjak\Szablony 2020-12-03 10:08 - 2020-12-03 10:08 - 000000000 _SHDL C:\Users\Austryjak\Moje dokumenty 2020-12-03 10:08 - 2020-12-03 10:08 - 000000000 _SHDL C:\Users\Austryjak\Menu Start 2020-12-03 10:08 - 2020-12-03 10:08 - 000000000 _SHDL C:\Users\Austryjak\Documents\Moje wideo 2020-12-03 10:08 - 2020-12-03 10:08 - 000000000 _SHDL C:\Users\Austryjak\Documents\Moje obrazy 2020-12-03 10:08 - 2020-12-03 10:08 - 000000000 _SHDL C:\Users\Austryjak\Documents\Moja muzyka 2020-12-03 10:08 - 2020-12-03 10:08 - 000000000 _SHDL C:\Users\Austryjak\Dane aplikacji 2020-12-03 10:08 - 2020-12-03 10:08 - 000000000 _SHDL C:\Users\Austryjak\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2020-12-03 09:36 - 2020-12-28 15:27 - 001678234 _____ C:\Windows\system32\PerfStringBackup.INI 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Public\Documents\Moje wideo 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Public\Documents\Moje obrazy 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Public\Documents\Moja muzyka 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Default\Ustawienia lokalne 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Default\Szablony 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Default\Moje dokumenty 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Default\Menu Start 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Default\Documents\Moje wideo 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Default\Documents\Moje obrazy 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Default\Documents\Moja muzyka 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Default\Dane aplikacji 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Default User\Ustawienia lokalne 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Default User\Szablony 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Default User\Moje dokumenty 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Default User\Menu Start 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Default User\Documents\Moje wideo 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Default User\Documents\Moje obrazy 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Default User\Documents\Moja muzyka 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Default User\Dane aplikacji 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\ProgramData\Szablony 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\ProgramData\Pulpit 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\ProgramData\Menu Start 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\ProgramData\Dokumenty 2020-12-03 09:32 - 2020-12-03 09:32 - 000000000 _SHDL C:\ProgramData\Dane aplikacji 2020-12-03 09:26 - 2020-12-03 09:26 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1681143624-1678891744-3230166777-500 2020-12-03 09:26 - 2020-12-03 09:26 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2020-12-03 09:25 - 2020-12-20 15:32 - 000000000 ____D C:\Windows\Panther 2020-11-23 04:32 - 2020-11-23 04:32 - 000000920 _____ C:\Users\Austryjak\Downloads\UnHookExec.inf.zip 2020-11-23 04:07 - 2020-11-23 04:07 - 000049168 _____ C:\Users\Austryjak\Downloads\Przywróć działanie edytora rejestru - elektroda.pl.html 2020-11-23 04:07 - 2020-11-23 04:07 - 000000000 ____D C:\Users\Austryjak\Downloads\Przywróć działanie edytora rejestru - elektroda.pl_files 2020-10-18 17:56 - 2020-10-18 17:56 - 000000000 _____ C:\fsutil 2020-10-09 21:51 - 2020-10-09 21:51 - 000000000 ____D C:\ProgramData\ssh 2020-10-09 21:48 - 2020-10-09 21:48 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr 2020-10-09 21:47 - 2020-10-09 21:47 - 004898144 _____ (Microsoft Corporation) C:\Windows\system32\rtmpltfm.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 003860832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpltfm.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2020-10-09 21:47 - 2020-10-09 21:47 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2020-10-09 21:47 - 2020-10-09 21:47 - 002260480 _____ C:\Windows\system32\TextInputMethodFormatter.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 002260480 _____ (The ICU Project) C:\Windows\system32\icu.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 001822256 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2020-10-09 21:47 - 2020-10-09 21:47 - 001393472 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2020-10-09 21:47 - 2020-10-09 21:47 - 001354080 _____ (Microsoft Corporation) C:\Windows\system32\rtmpal.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 001333248 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 001309504 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2020-10-09 21:47 - 2020-10-09 21:47 - 001162240 _____ C:\Windows\system32\MBR2GPT.EXE 2020-10-09 21:47 - 2020-10-09 21:47 - 001091936 _____ (Microsoft Corporation) C:\Windows\system32\rtmcodecs.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 001032544 _____ (Microsoft Corporation) C:\Windows\system32\ortcengine.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 000980320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpal.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 000915296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmcodecs.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 000732000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ortcengine.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 000707544 _____ C:\Windows\system32\TextShaping.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 000645120 _____ C:\Windows\system32\WindowManagementAPI.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 000611952 _____ C:\Windows\SysWOW64\TextShaping.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl 2020-10-09 21:47 - 2020-10-09 21:47 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr 2020-10-09 21:47 - 2020-10-09 21:47 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl 2020-10-09 21:47 - 2020-10-09 21:47 - 000455168 _____ C:\Windows\SysWOW64\WindowManagementAPI.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 000422912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2020-10-09 21:47 - 2020-10-09 21:47 - 000306176 _____ C:\Windows\system32\HeatCore.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl 2020-10-09 21:47 - 2020-10-09 21:47 - 000266240 _____ C:\Windows\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 000266240 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax 2020-10-09 21:47 - 2020-10-09 21:47 - 000238592 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl 2020-10-09 21:47 - 2020-10-09 21:47 - 000221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl 2020-10-09 21:47 - 2020-10-09 21:47 - 000204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax 2020-10-09 21:47 - 2020-10-09 21:47 - 000178176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl 2020-10-09 21:47 - 2020-10-09 21:47 - 000148992 _____ C:\Windows\system32\EoAExperiences.exe 2020-10-09 21:47 - 2020-10-09 21:47 - 000112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\activeds.tlb 2020-10-09 21:47 - 2020-10-09 21:47 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\activeds.tlb 2020-10-09 21:47 - 2020-10-09 21:47 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\ncpa.cpl 2020-10-09 21:47 - 2020-10-09 21:47 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncpa.cpl 2020-10-09 21:47 - 2020-10-09 21:47 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2020-10-09 21:47 - 2020-10-09 21:47 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2020-10-09 21:47 - 2020-10-09 21:47 - 000060928 _____ C:\Windows\system32\runexehelper.exe 2020-10-09 21:47 - 2020-10-09 21:47 - 000056672 _____ (Microsoft Corporation) C:\Windows\system32\rtmmvrortc.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 000055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmmvrortc.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 000048640 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 000047472 _____ C:\Windows\SysWOW64\umpdc.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 000045880 _____ C:\Windows\system32\HvSocket.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 000029696 _____ (The ICU Project) C:\Windows\system32\icuuc.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 000025088 _____ (The ICU Project) C:\Windows\system32\icuin.dll 2020-10-09 21:47 - 2020-10-09 21:47 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msacm32.drv 2020-10-09 21:47 - 2020-10-09 21:47 - 000009279 _____ C:\Windows\system32\DrtmAuthTxt.wim 2020-10-09 21:46 - 2020-10-09 21:46 - 004227116 _____ C:\Windows\system32\DefaultHrtfs.bin 2020-10-09 21:46 - 2020-10-09 21:46 - 000562688 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2020-10-09 21:46 - 2020-10-09 21:46 - 000455168 _____ C:\Windows\system32\ssdm.dll 2020-10-09 21:46 - 2020-10-09 21:46 - 000361472 _____ C:\Windows\system32\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-10-09 21:46 - 2020-10-09 21:46 - 000287232 _____ C:\Windows\system32\CoreMas.dll 2020-10-09 21:46 - 2020-10-09 21:46 - 000165376 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2020-10-09 21:46 - 2020-10-09 21:46 - 000089088 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2020-10-09 21:46 - 2020-10-09 21:46 - 000073216 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2020-10-09 21:46 - 2020-10-09 21:46 - 000064552 _____ C:\Windows\system32\umpdc.dll 2020-10-09 21:46 - 2020-10-09 21:46 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.drv 2020-10-09 21:46 - 2020-10-09 21:46 - 000013312 _____ C:\Windows\system32\agentactivationruntimestarter.exe 2020-10-04 11:58 - 2020-10-04 12:00 - 000000855 _____ C:\hosts.txt ==================== Trzy miesiące (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-12-29 15:04 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF 2020-12-29 14:57 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-12-28 15:33 - 2020-09-27 06:52 - 000000000 ____D C:\Windows\system32\SleepStudy 2020-12-28 15:27 - 2019-12-07 16:08 - 000748784 _____ C:\Windows\system32\perfh015.dat 2020-12-28 15:27 - 2019-12-07 16:08 - 000144494 _____ C:\Windows\system32\perfc015.dat 2020-12-28 15:20 - 2020-09-27 08:52 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-12-28 15:20 - 2020-09-27 06:52 - 000008192 ___SH C:\DumpStack.log.tmp 2020-12-28 15:19 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI 2020-12-28 09:35 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2020-12-28 09:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness 2020-12-23 12:29 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing 2020-12-23 12:29 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp 2020-12-20 16:13 - 2020-09-27 08:55 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-12-20 16:13 - 2020-09-27 08:55 - 000002288 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2020-12-20 15:44 - 2020-09-27 08:52 - 000000000 ____D C:\Windows\system32\Drivers\wd 2020-12-20 15:44 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2020-12-20 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\appcompat 2020-12-19 15:49 - 2020-09-27 08:54 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-12-19 15:49 - 2020-09-27 08:54 - 000003386 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-12-18 15:45 - 2020-09-27 08:56 - 000000000 ____D C:\ProgramData\Packages 2020-12-03 10:10 - 2020-09-27 08:56 - 000000000 __RHD C:\Users\Public\AccountPictures 2020-12-03 09:34 - 2019-12-07 16:10 - 000000000 ____D C:\Windows\system32\FxsTmp 2020-12-03 09:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState 2020-12-03 09:32 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT 2020-12-03 09:30 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate 2020-12-03 09:27 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog 2020-12-03 09:27 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2020-12-03 09:26 - 2020-09-27 06:52 - 000258584 _____ C:\Windows\system32\FNTCACHE.DAT 2020-12-03 09:25 - 2019-12-07 10:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== BCD ================================ Firmware Boot Manager --------------------- identifier {fwbootmgr} displayorder {bootmgr} {1b275273-3536-11eb-be5f-806e6f6e6963} timeout 1 Windows Boot Manager -------------------- identifier {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager locale pl-PL inherit {globalsettings} default {current} resumeobject {241ef05a-3541-11eb-bf28-bc1cfcb4a95b} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Firmware Application (101fffff) ------------------------------- identifier {1b275273-3536-11eb-be5f-806e6f6e6963} description Hard Drive Windows Boot Loader ------------------- identifier {current} device partition=C: path \Windows\system32\winload.efi description Windows 10 locale pl-PL inherit {bootloadersettings} recoverysequence {241ef05c-3541-11eb-bf28-bc1cfcb4a95b} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \Windows resumeobject {241ef05a-3541-11eb-bf28-bc1cfcb4a95b} nx OptIn bootmenupolicy Standard Windows Boot Loader ------------------- identifier {241ef05c-3541-11eb-bf28-bc1cfcb4a95b} device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{241ef05d-3541-11eb-bf28-bc1cfcb4a95b} path \windows\system32\winload.efi description Windows Recovery Environment locale pl-pl inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{241ef05d-3541-11eb-bf28-bc1cfcb4a95b} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Resume from Hibernate --------------------- identifier {241ef05a-3541-11eb-bf28-bc1cfcb4a95b} device partition=C: path \Windows\system32\winresume.efi description Windows Resume Application locale pl-PL inherit {resumeloadersettings} recoverysequence {241ef05c-3541-11eb-bf28-bc1cfcb4a95b} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostyka pami�ci systemu Windows locale pl-PL inherit {globalsettings} badmemoryaccess Yes EMS Settings ------------ identifier {emssettings} bootems No Debugger Settings ----------------- identifier {dbgsettings} debugtype Local RAM Defects ----------- identifier {badmemory} Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisor Settings ------------------- identifier {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} Device options -------------- identifier {241ef05d-3541-11eb-bf28-bc1cfcb4a95b} description Windows Recovery ramdisksdidevice partition=C: ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Koniec FRST.txt ========================